← volver
CVE-2007-3996

CVE-2007-3996

EPSS 4.2%
Multiple integer overflows in libgd in PHP before 5.2.4 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large (1) srcW or (2) srcH value to the (a) gdImageCopyResized function, or a large (3) sy (height) or (4) sx (width) value to the (b) gdImageCreate or the (c) gdImageCreateTrueColor function.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://bugs.gentoo.org/show_bug.cgi?id=201546http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.htmlhttp://rhn.redhat.com/errata/RHSA-2007-0889.htmlhttp://secunia.com/advisories/26642http://secunia.com/advisories/26822http://secunia.com/advisories/26838http://secunia.com/advisories/26871http://secunia.com/advisories/26895http://secunia.com/advisories/26930http://secunia.com/advisories/26967http://secunia.com/advisories/27102http://secunia.com/advisories/27351